last executing test programs: 8.787049747s ago: executing program 3 (id=228): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000500)={[{@nouid32}, {@block_validity}, {@dax_never}, {@grpquota}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) syz_usb_connect(0x1, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) chdir(&(0x7f00000001c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='rdma.current\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x7f000, 0x4000}]) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_clone(0x1a2000, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x22043, 0x69) 6.425681277s ago: executing program 3 (id=241): move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) accept(r0, &(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000100)=0x80) 6.116070766s ago: executing program 3 (id=242): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x83, 0x1, 0x3, 0x5, 0x7f, 0x57e}, {0xaa, 0x1, 0x8, 0x4, 0xffc0, 0x7}, 0x3, 0x8, 0x1702}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40098}, 0x0) r6 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0}}], 0x1, 0x8000004) 4.169933862s ago: executing program 3 (id=251): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(0x0, 0x0) write$cgroup_int(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50) mmap(&(0x7f00005e8000/0x1000)=nil, 0x1000, 0x2000003, 0x28011, r1, 0xffff8000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) 3.053543618s ago: executing program 0 (id=257): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000000c0)={r1, r0, 0x0, r0}, 0x10) 3.017784541s ago: executing program 0 (id=258): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x8010}, 0x80) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000440)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]}) socket$inet(0x2, 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 2.883942039s ago: executing program 3 (id=259): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0x38, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x15}}, {0x8, 0x2, @remote}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x6}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x406c450}, 0x0) 2.761375445s ago: executing program 2 (id=261): r0 = syz_io_uring_setup(0xda, &(0x7f0000000480)={0x0, 0x183, 0x8, 0x1, 0x15}, &(0x7f0000000000)=0x0, &(0x7f0000000640)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffd, 0x0, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0076f0"], 0x48) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x51, 0x0, @fd, 0x1, 0x0, 0x7, 0x1}) io_uring_enter(r0, 0x22d2, 0x20, 0x0, 0x0, 0x0) 2.549313258s ago: executing program 3 (id=263): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000500)={[{@nouid32}, {@block_validity}, {@dax_never}, {@grpquota}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) syz_usb_connect(0x1, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) chdir(&(0x7f00000001c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='rdma.current\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x7f000, 0x4000}]) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_clone(0x1a2000, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x22043, 0x69) 2.541622319s ago: executing program 1 (id=264): socket(0x10, 0x803, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x24, 0x6d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_PROP_LIST={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 2.540766109s ago: executing program 2 (id=265): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) get_robust_list(r0, 0x0, &(0x7f00000006c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x4) socket$inet6_sctp(0xa, 0x1, 0x84) io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, 0x0, 0x0) 2.451180194s ago: executing program 1 (id=266): unshare(0x8040480) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000000c0)={r1, r0, 0x0, r0}, 0x10) 2.285400754s ago: executing program 1 (id=267): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff4000/0x2000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0x2, 0x4) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1.411705376s ago: executing program 0 (id=268): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = creat(0x0, 0x0) write$cgroup_int(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50) mmap(&(0x7f00005e8000/0x1000)=nil, 0x1000, 0x2000003, 0x28011, r1, 0xffff8000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) 1.224298627s ago: executing program 1 (id=269): r0 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00') r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2d}, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, @private0, 0x80000001, 0x6, 0x0, 0x100, 0x9, 0x110022, r2}) getdents(r0, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, 0x0, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, 0x0, 0x0) r6 = socket(0x80000000000000a, 0x2, 0x0) ioctl$SIOCGIFMTU(r6, 0x8913, &(0x7f00000001c0)={'veth0\x00'}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r7}, &(0x7f0000bbdffc)=0x0) timer_settime(r8, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r9, 0x0, r11, 0x0, 0x1, 0x0) r12 = socket(0x400000000010, 0x3, 0x0) r13 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, 0x0) sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfffb}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x80) vmsplice(r10, 0x0, 0x0, 0x0) vmsplice(r11, 0x0, 0x0, 0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001300)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e640500000000007502faff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000032000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6d5b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa387a8077927a1ad367c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f20002b35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8c367d1bfd1aea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82dc568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000000000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac6f09c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccf5e882602897a85bf8523d891080593d831d758deb4f2c7e49c6d6b35d8fd92601c8500febb0c5fe0be294bf6bbbecad444695277a9e3992a354492513b43091d161c7c7cdbbe44e8e83b4cf333238a52f214b278c6485236ea880db2f113f6381187679a4620d6149808b0af024b3b3e6ba99b4b15ca"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) 583.549326ms ago: executing program 0 (id=270): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000050000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20) syz_emit_ethernet(0x7a, &(0x7f0000000580)=ANY=[], 0x0) 476.983382ms ago: executing program 0 (id=271): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x1c, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88"], 0xfdef) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[], 0x78}, 0x1, 0xffffffff00000003}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 277.372244ms ago: executing program 2 (id=272): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x0, 0x4}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={r1, 0x0, 0xd8e, 0x7, 0x4, 0x5}, 0x14) 267.633184ms ago: executing program 2 (id=273): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000001d00)={0x13, 0x10, 0xfa00, {&(0x7f0000005d40), 0xffffffffffffffff, 0x2}}, 0x18) 203.395458ms ago: executing program 2 (id=274): r0 = socket$unix(0x1, 0x1, 0x0) close(r0) socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0xa0028010}) 144.560971ms ago: executing program 1 (id=275): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) sendmmsg$inet(r0, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000800)}, {&(0x7f0000000a40)="1791613d45501cb6a8d8eaeb96ee68b2d8daad34b8c528b97ead9f051e427e309b714d3d12d8d401ee42a681834000000022ea526737b16783f6d819d82b492bf64f5475d1e1f435a4fd5de8795db130dc9a9e82dae807b69f", 0x59}], 0x2}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f", 0x85}], 0x1}}], 0x2, 0x2090) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 78.732906ms ago: executing program 2 (id=276): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@nombcache}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x1) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="0d000000246804003199aee6fdb9291b3091ec1a2d41d2270a00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448f", 0xe2}], 0x1) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f00000001c0)=ANY=[], 0xfe37, 0x0) 77.514295ms ago: executing program 1 (id=277): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x6, 0x1, 0x3, 0x3}]}) munmap(&(0x7f0000800000/0x800000)=nil, 0x800000) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0)) 0s ago: executing program 0 (id=278): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000940)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x5d509}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x11}, 0x40004) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)}}], 0x1, 0x80) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.65' (ED25519) to the list of known hosts. [ 63.441251][ T5749] cgroup: Unknown subsys name 'net' [ 63.580933][ T5749] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 64.913484][ T5749] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 66.706639][ T5762] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.715022][ T5762] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.722606][ T5762] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.725989][ T5765] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.730640][ T5762] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.738119][ T5765] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.744614][ T5762] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.758826][ T5762] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.758849][ T5765] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.778269][ T5765] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 66.816263][ T5765] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.825391][ T5765] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.923570][ T5765] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.935603][ T5765] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.943551][ T5765] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.951861][ T5765] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.965900][ T5765] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.973361][ T5765] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.065916][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.067545][ T5759] chnl_net:caif_netlink_parms(): no params data found [ 67.080711][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.088372][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.096620][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.116399][ T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.123958][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.225821][ T5759] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.235987][ T5759] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.243307][ T5759] bridge_slave_0: entered allmulticast mode [ 67.251287][ T5759] bridge_slave_0: entered promiscuous mode [ 67.288013][ T5759] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.305135][ T5759] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.312298][ T5759] bridge_slave_1: entered allmulticast mode [ 67.319834][ T5759] bridge_slave_1: entered promiscuous mode [ 67.387834][ T5759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.400048][ T5759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.421722][ T5761] chnl_net:caif_netlink_parms(): no params data found [ 67.454938][ T5759] team0: Port device team_slave_0 added [ 67.476926][ T5759] team0: Port device team_slave_1 added [ 67.520352][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 67.540199][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.547307][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.573568][ T5759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.619524][ T5759] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.626634][ T5759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.652600][ T5759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.703399][ T5761] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.710710][ T5761] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.718075][ T5761] bridge_slave_0: entered allmulticast mode [ 67.724881][ T5761] bridge_slave_0: entered promiscuous mode [ 67.757175][ T5761] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.764341][ T5761] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.771641][ T5761] bridge_slave_1: entered allmulticast mode [ 67.778560][ T5761] bridge_slave_1: entered promiscuous mode [ 67.841348][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.848769][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.856049][ T5767] bridge_slave_0: entered allmulticast mode [ 67.863061][ T5767] bridge_slave_0: entered promiscuous mode [ 67.880017][ T5759] hsr_slave_0: entered promiscuous mode [ 67.887429][ T5759] hsr_slave_1: entered promiscuous mode [ 67.896966][ T5761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.906783][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.913894][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.923243][ T5767] bridge_slave_1: entered allmulticast mode [ 67.930662][ T5767] bridge_slave_1: entered promiscuous mode [ 67.959514][ T5761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.995438][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.025653][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.034969][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 68.054396][ T5761] team0: Port device team_slave_0 added [ 68.067360][ T5761] team0: Port device team_slave_1 added [ 68.128200][ T5767] team0: Port device team_slave_0 added [ 68.168135][ T5767] team0: Port device team_slave_1 added [ 68.183841][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.190911][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.223965][ T5761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.263974][ T5761] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.273130][ T5761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.299255][ T5761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.314381][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.321429][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.347454][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.385224][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.392201][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.418653][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.491692][ T5761] hsr_slave_0: entered promiscuous mode [ 68.497907][ T5761] hsr_slave_1: entered promiscuous mode [ 68.504014][ T5761] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.512639][ T5761] Cannot create hsr debugfs directory [ 68.520258][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.529450][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.537468][ T5772] bridge_slave_0: entered allmulticast mode [ 68.544060][ T5772] bridge_slave_0: entered promiscuous mode [ 68.573991][ T5767] hsr_slave_0: entered promiscuous mode [ 68.580564][ T5767] hsr_slave_1: entered promiscuous mode [ 68.586795][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.594341][ T5767] Cannot create hsr debugfs directory [ 68.611426][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.619122][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.626303][ T5772] bridge_slave_1: entered allmulticast mode [ 68.632885][ T5772] bridge_slave_1: entered promiscuous mode [ 68.704347][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.742598][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.797686][ T5759] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 68.819337][ T5772] team0: Port device team_slave_0 added [ 68.835725][ T5772] team0: Port device team_slave_1 added [ 68.845807][ T5765] Bluetooth: hci1: command tx timeout [ 68.845819][ T51] Bluetooth: hci0: command tx timeout [ 68.859169][ T5759] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 68.885296][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.892252][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.918606][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.935274][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.942238][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.968458][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.988892][ T5759] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 69.005097][ T5765] Bluetooth: hci2: command tx timeout [ 69.018101][ T5759] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 69.077747][ T5772] hsr_slave_0: entered promiscuous mode [ 69.083984][ T5772] hsr_slave_1: entered promiscuous mode [ 69.091247][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.098973][ T5772] Cannot create hsr debugfs directory [ 69.174809][ T5765] Bluetooth: hci3: command tx timeout [ 69.263916][ T5761] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.274521][ T5761] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.283871][ T5761] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.305141][ T5761] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.372355][ T5767] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 69.384475][ T5767] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 69.400583][ T5767] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.410997][ T5767] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.490012][ T5772] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.499567][ T5772] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.520661][ T5759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.530222][ T5772] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.539851][ T5772] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.607967][ T5759] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.634013][ T5761] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.656620][ T1073] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.663899][ T1073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.697770][ T5761] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.712227][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.719343][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.762121][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.769231][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.827043][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.834343][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.868938][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.896566][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.958366][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.987340][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.009046][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.016252][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.092495][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.099700][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.117283][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.124442][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.146965][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.154124][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.274128][ T5759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.335999][ T5761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.478339][ T5759] veth0_vlan: entered promiscuous mode [ 70.486456][ T5761] veth0_vlan: entered promiscuous mode [ 70.511961][ T5761] veth1_vlan: entered promiscuous mode [ 70.542682][ T5759] veth1_vlan: entered promiscuous mode [ 70.588792][ T5761] veth0_macvtap: entered promiscuous mode [ 70.634479][ T5761] veth1_macvtap: entered promiscuous mode [ 70.658339][ T5759] veth0_macvtap: entered promiscuous mode [ 70.678040][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.688619][ T5759] veth1_macvtap: entered promiscuous mode [ 70.704085][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.737501][ T5761] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.753800][ T5759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.766086][ T5759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.779258][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.790495][ T5761] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.799921][ T5761] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.808943][ T5761] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.819262][ T5761] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.844008][ T5759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.857310][ T5759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.868393][ T5759] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.891293][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.913155][ T5759] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.922405][ T5759] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.932885][ T5765] Bluetooth: hci1: command tx timeout [ 70.936534][ T51] Bluetooth: hci0: command tx timeout [ 70.938711][ T5759] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.954408][ T5759] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.064124][ T5772] veth0_vlan: entered promiscuous mode [ 71.075948][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.081698][ T5772] veth1_vlan: entered promiscuous mode [ 71.083906][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.102909][ T51] Bluetooth: hci2: command tx timeout [ 71.167760][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.168474][ T5767] veth0_vlan: entered promiscuous mode [ 71.176182][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.227513][ T5767] veth1_vlan: entered promiscuous mode [ 71.245575][ T51] Bluetooth: hci3: command tx timeout [ 71.283294][ T5772] veth0_macvtap: entered promiscuous mode [ 71.284856][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.297933][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.321646][ T5772] veth1_macvtap: entered promiscuous mode [ 71.391717][ T5767] veth0_macvtap: entered promiscuous mode [ 71.401188][ T5845] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1'. [ 71.413387][ T5845] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 71.422502][ T5845] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'. [ 71.435150][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.444500][ T5767] veth1_macvtap: entered promiscuous mode [ 71.445976][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.477953][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.494586][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.505716][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.544818][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.554678][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.566459][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.577942][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.598133][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.608902][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.619683][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.648685][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.662716][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.679953][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.691369][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.701824][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.712430][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.723085][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.733803][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.745314][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.758085][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.768719][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.779296][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.791143][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.801004][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.811893][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.828311][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.848245][ T5772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.857460][ T5772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.876131][ T5772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.885445][ T5772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.969678][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.980421][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.990789][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.000308][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.011923][ T5851] syzkaller0: entered promiscuous mode [ 72.020100][ T5851] syzkaller0: entered allmulticast mode [ 72.235680][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.246466][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7'. [ 72.268119][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.312989][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.323408][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.345852][ T3434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.353884][ T3434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.393966][ T5864] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8'. [ 72.424973][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.455341][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.522498][ T5866] syz.1.2[5866]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 72.570801][ T5866] loop1: detected capacity change from 0 to 512 [ 72.610289][ T5866] EXT4-fs: Mount option(s) incompatible with ext2 [ 72.982771][ T5878] loop0: detected capacity change from 0 to 128 [ 72.996102][ T5878] EXT4-fs: Ignoring removed orlov option [ 73.002004][ T5878] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.008874][ T51] Bluetooth: hci1: command tx timeout [ 73.017451][ T51] Bluetooth: hci0: command tx timeout [ 73.024652][ T5878] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.064064][ T5878] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.125563][ T5878] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 73.165021][ T51] Bluetooth: hci2: command tx timeout [ 73.217166][ T5885] syzkaller0: entered promiscuous mode [ 73.222753][ T5885] syzkaller0: entered allmulticast mode [ 73.326036][ T51] Bluetooth: hci3: command tx timeout [ 73.373931][ T5891] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17'. [ 73.553360][ T5897] loop2: detected capacity change from 0 to 128 [ 73.691539][ T5897] syz.2.20: attempt to access beyond end of device [ 73.691539][ T5897] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 73.743881][ T5897] syz.2.20: attempt to access beyond end of device [ 73.743881][ T5897] loop2: rw=0, sector=138, nr_sectors = 2 limit=128 [ 73.861252][ T5761] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.087041][ T51] Bluetooth: hci0: command tx timeout [ 75.092636][ T51] Bluetooth: hci1: command tx timeout [ 75.245342][ T5765] Bluetooth: hci2: command tx timeout [ 75.405414][ T5765] Bluetooth: hci3: command tx timeout [ 75.714723][ C0] sched: RT throttling activated [ 76.147754][ T5931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.33'. [ 76.171586][ T5934] loop0: detected capacity change from 0 to 1024 [ 76.227132][ T5934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.805544][ T5954] netlink: 12 bytes leftover after parsing attributes in process `syz.3.44'. [ 76.821228][ T5955] capability: warning: `syz.1.43' uses 32-bit capabilities (legacy support in use) [ 77.031488][ T5961] loop2: detected capacity change from 0 to 256 [ 77.096925][ T5961] FAT-fs (loop2): Unrecognized mount option "uni_xlate?1" or missing value [ 77.197847][ T5961] tipc: Started in network mode [ 77.247870][ T5961] tipc: Node identity 5f3d302c73686f72, cluster identity 4711 [ 77.286131][ T5961] tipc: Enabling of bearer rejected, failed to enable media [ 77.323504][ T5968] loop3: detected capacity change from 0 to 512 [ 77.347605][ T5968] EXT4-fs: Ignoring removed nobh option [ 77.468779][ T5968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.514459][ T5968] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 77.735840][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.753128][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.780318][ T5977] loop1: detected capacity change from 0 to 1024 [ 77.835847][ T5977] ======================================================= [ 77.835847][ T5977] WARNING: The mand mount option has been deprecated and [ 77.835847][ T5977] and is ignored by this kernel. Remove the mand [ 77.835847][ T5977] option from the mount to silence this warning. [ 77.835847][ T5977] ======================================================= [ 77.990588][ T5977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.069654][ T5990] loop3: detected capacity change from 0 to 512 [ 78.119632][ T5990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.153927][ T5990] ext4 filesystem being mounted at /13/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.422029][ T6002] loop0: detected capacity change from 0 to 1024 [ 78.435207][ T5803] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 78.498224][ T6002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.686247][ T5803] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 78.715975][ T5803] usb 2-1: config 0 has no interfaces? [ 78.732271][ T5803] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 78.765769][ T5803] usb 2-1: config 0 has no interfaces? [ 78.792437][ T5803] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 78.804751][ T5803] usb 2-1: config 0 has no interfaces? [ 78.821832][ T5803] usb 2-1: string descriptor 0 read error: -22 [ 78.841834][ T5803] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 78.858866][ T5803] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.885185][ T5803] usb 2-1: config 0 descriptor?? [ 79.449198][ T6024] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4047: comm syz.1.54: Allocating blocks 497-513 which overlap fs metadata [ 79.499790][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.518006][ T6024] EXT4-fs (loop1): pa ffff888076e03488: logic 128, phys. 385, len 8 [ 79.526843][ T6024] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 79.588728][ T5803] usb 2-1: USB disconnect, device number 2 [ 79.854105][ T6025] syz.1.54 (6025) used greatest stack depth: 19336 bytes left [ 79.978233][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.016915][ T6040] loop2: detected capacity change from 0 to 1024 [ 80.106732][ T6040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.312103][ T5772] EXT4-fs error (device loop1): mb_free_blocks:1954: group 0, inode 32: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 80.358077][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.805627][ T5759] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.155804][ T6071] loop2: detected capacity change from 0 to 512 [ 82.303869][ T6071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.375698][ T6071] ext4 filesystem being mounted at /35/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.607386][ T8] cfg80211: failed to load regulatory.db [ 82.688590][ T6079] loop1: detected capacity change from 0 to 256 [ 82.923124][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 82.975027][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 83.028875][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 83.114613][ T27] audit: type=1800 audit(1769544750.189:2): pid=6079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.91" name="file1" dev="loop1" ino=1048593 res=0 errno=0 [ 83.211878][ T6086] loop0: detected capacity change from 0 to 1024 [ 83.282385][ T6086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.943116][ T5759] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.062188][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.237371][ T6112] loop1: detected capacity change from 0 to 256 [ 84.253562][ T6112] FAT-fs (loop1): Unrecognized mount option "uni_xlate?1" or missing value [ 84.274490][ T6110] loop0: detected capacity change from 0 to 1024 [ 84.346337][ T6110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.414329][ T6126] loop3: detected capacity change from 0 to 512 [ 85.478007][ T6126] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.528993][ T6126] ext4 filesystem being mounted at /21/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.915467][ T6134] syzkaller0: entered promiscuous mode [ 85.925457][ T6134] syzkaller0: entered allmulticast mode [ 86.564864][ T5795] usb 1-1: new low-speed USB device number 2 using dummy_hcd [ 86.589734][ T6143] loop1: detected capacity change from 0 to 256 [ 86.601333][ T6143] FAT-fs (loop1): Unrecognized mount option "uni_xlate?1" or missing value [ 86.770079][ T5795] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 86.800585][ T5795] usb 1-1: config 0 has no interfaces? [ 86.815903][ T5795] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 86.831330][ T5795] usb 1-1: config 0 has no interfaces? [ 86.849403][ T5795] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 86.870180][ T5795] usb 1-1: config 0 has no interfaces? [ 86.896640][ T5795] usb 1-1: string descriptor 0 read error: -22 [ 86.903131][ T5795] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 86.924211][ T5795] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.953433][ T5795] usb 1-1: config 0 descriptor?? [ 87.071309][ T6155] loop1: detected capacity change from 0 to 1024 [ 87.141044][ T6155] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.187119][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.119'. [ 87.321131][ T6162] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4047: comm syz.0.99: Allocating blocks 497-513 which overlap fs metadata [ 87.337018][ T6162] EXT4-fs (loop0): pa ffff888076e1f1d0: logic 128, phys. 385, len 8 [ 87.345183][ T6162] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 87.392371][ T5917] usb 1-1: USB disconnect, device number 2 [ 87.437340][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.621737][ T6166] loop3: detected capacity change from 0 to 4096 [ 87.642023][ T6166] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 87.671829][ T6166] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 87.936556][ T5761] EXT4-fs error (device loop0): mb_free_blocks:1954: group 0, inode 31: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 87.963234][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.035202][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.113077][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.122'. [ 88.133311][ T6173] hsr_slave_0: left promiscuous mode [ 88.144919][ T6173] hsr_slave_1: left promiscuous mode [ 88.159874][ T6177] loop1: detected capacity change from 0 to 1024 [ 88.206301][ T6177] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.533202][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.692338][ T6190] loop0: detected capacity change from 0 to 512 [ 88.757560][ T6196] loop2: detected capacity change from 0 to 128 [ 88.758009][ T6190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.786830][ T6190] ext4 filesystem being mounted at /27/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.822451][ T6199] loop3: detected capacity change from 0 to 1024 [ 88.865050][ T6196] syz.2.130: attempt to access beyond end of device [ 88.865050][ T6196] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 88.893704][ T6199] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.030978][ T6202] syz.2.130: attempt to access beyond end of device [ 89.030978][ T6202] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 89.074977][ T6202] Buffer I/O error on dev loop2, logical block 69, lost async page write [ 89.143508][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.264801][ T5795] usb 4-1: new low-speed USB device number 2 using dummy_hcd [ 89.512156][ T6209] netlink: 4 bytes leftover after parsing attributes in process `syz.1.132'. [ 89.587849][ T5795] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.610712][ T5795] usb 4-1: config 0 has no interfaces? [ 89.631961][ T5795] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.636441][ T6211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.134'. [ 89.656055][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.656749][ T5795] usb 4-1: config 0 has no interfaces? [ 89.673768][ T5795] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.684242][ T6211] hsr_slave_0: left promiscuous mode [ 89.684643][ T5795] usb 4-1: config 0 has no interfaces? [ 89.706509][ T6211] hsr_slave_1: left promiscuous mode [ 89.708126][ T5795] usb 4-1: string descriptor 0 read error: -22 [ 89.739397][ T5795] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 89.761702][ T5795] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.782536][ T5795] usb 4-1: config 0 descriptor?? [ 89.899754][ T6215] loop0: detected capacity change from 0 to 4096 [ 89.928462][ T6215] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 89.942709][ T6215] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 89.963068][ T6217] loop2: detected capacity change from 0 to 128 [ 89.975740][ T6217] EXT4-fs: Ignoring removed orlov option [ 89.988116][ T6217] EXT4-fs: Ignoring removed nomblk_io_submit option [ 89.994892][ T6217] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.037523][ T6217] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 90.062726][ T6217] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 90.134298][ T6224] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4047: comm syz.3.131: Allocating blocks 497-513 which overlap fs metadata [ 90.151212][ T6224] EXT4-fs (loop3): pa ffff888076e1fae0: logic 128, phys. 385, len 8 [ 90.159388][ T6224] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 90.185190][ T2129] usb 4-1: USB disconnect, device number 2 [ 90.386984][ T6228] syzkaller0: entered promiscuous mode [ 90.392476][ T6228] syzkaller0: entered allmulticast mode [ 90.754652][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.793123][ T5767] EXT4-fs error (device loop3): mb_free_blocks:1954: group 0, inode 31: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 90.828684][ T5759] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 90.846188][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.236907][ T6239] loop3: detected capacity change from 0 to 512 [ 91.608085][ T6239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.837272][ T6239] ext4 filesystem being mounted at /27/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.651216][ T6261] loop0: detected capacity change from 0 to 1024 [ 93.653214][ T6260] loop2: detected capacity change from 0 to 128 [ 93.710006][ T6261] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.710627][ T6260] EXT4-fs: Ignoring removed orlov option [ 93.762205][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.763324][ T6260] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.782360][ T6260] EXT4-fs: Ignoring removed nomblk_io_submit option [ 93.876996][ T6260] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 93.897086][ T6260] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 94.135039][ T1188] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 94.149679][ T6271] loop3: detected capacity change from 0 to 1024 [ 94.197715][ T6271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.348114][ T1188] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.365723][ T1188] usb 1-1: config 0 has no interfaces? [ 94.379803][ T1188] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.396832][ T1188] usb 1-1: config 0 has no interfaces? [ 94.403615][ T1188] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.427653][ T1188] usb 1-1: config 0 has no interfaces? [ 94.475704][ T1188] usb 1-1: string descriptor 0 read error: -22 [ 94.482048][ T1188] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 94.504934][ T1188] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.524302][ T1188] usb 1-1: config 0 descriptor?? [ 94.537860][ T5759] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 94.932368][ T6280] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4047: comm syz.0.148: Allocating blocks 497-513 which overlap fs metadata [ 94.953613][ T6280] EXT4-fs (loop0): pa ffff888076e74ae0: logic 128, phys. 385, len 8 [ 94.962490][ T6280] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 95.003009][ T5824] usb 1-1: USB disconnect, device number 3 [ 95.262765][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.083863][ T6290] loop3: detected capacity change from 0 to 512 [ 96.172059][ T5761] EXT4-fs error (device loop0): mb_free_blocks:1954: group 0, inode 31: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 96.238541][ T6290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.293166][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.311484][ T6290] ext4 filesystem being mounted at /32/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.616948][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.837810][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.160'. [ 98.129691][ T6319] netlink: 4 bytes leftover after parsing attributes in process `syz.1.165'. [ 98.218230][ T6321] netlink: 36 bytes leftover after parsing attributes in process `syz.3.167'. [ 98.251574][ T6321] netlink: 40 bytes leftover after parsing attributes in process `syz.3.167'. [ 98.410465][ T6327] loop3: detected capacity change from 0 to 256 [ 98.420747][ T6327] FAT-fs (loop3): Unrecognized mount option "uni_xlate?1" or missing value [ 98.472160][ T6030] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 98.592889][ T6334] netlink: 4 bytes leftover after parsing attributes in process `syz.0.172'. [ 98.663057][ T6336] tipc: Started in network mode [ 98.679052][ T6336] tipc: Node identity aa566fc1215e, cluster identity 4711 [ 98.690645][ T6336] tipc: Enabled bearer , priority 0 [ 98.704501][ T6338] loop2: detected capacity change from 0 to 128 [ 98.739772][ T6338] EXT4-fs: Ignoring removed orlov option [ 98.750170][ T6336] syzkaller0: entered promiscuous mode [ 98.759197][ T6338] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.774871][ T6336] syzkaller0: entered allmulticast mode [ 98.780250][ T6338] EXT4-fs: Ignoring removed nomblk_io_submit option [ 98.795731][ T6336] tipc: Resetting bearer [ 98.807174][ T6338] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 98.819764][ T6338] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 98.838203][ T6335] tipc: Resetting bearer [ 99.158398][ T6349] loop1: detected capacity change from 0 to 128 [ 99.442971][ T6353] capability: warning: `syz.1.179' uses deprecated v2 capabilities in a way that may be insecure [ 99.572905][ T5759] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 99.684299][ T6357] loop2: detected capacity change from 0 to 256 [ 99.711511][ T6357] FAT-fs (loop2): Unrecognized mount option "uni_xlate?1" or missing value [ 100.014978][ T6367] loop0: detected capacity change from 0 to 128 [ 100.525378][ T6387] loop0: detected capacity change from 0 to 128 [ 100.542799][ T6387] EXT4-fs: Ignoring removed orlov option [ 100.570915][ T6387] EXT4-fs: Ignoring removed nomblk_io_submit option [ 100.592217][ T6387] EXT4-fs: Ignoring removed nomblk_io_submit option [ 100.666009][ T6387] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 100.698790][ T6387] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 101.391116][ T6395] loop1: detected capacity change from 0 to 256 [ 101.413132][ T6395] FAT-fs (loop1): Unrecognized mount option "uni_xlate?1" or missing value [ 101.440530][ T5761] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 102.033291][ T6406] loop0: detected capacity change from 0 to 128 [ 102.112018][ T6335] tipc: Disabling bearer [ 102.128153][ T5803] tipc: Node number set to 2332585921 [ 102.156102][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.194'. [ 102.188359][ T6397] hsr_slave_0: left promiscuous mode [ 102.203456][ T6397] hsr_slave_1: left promiscuous mode [ 102.488544][ T6413] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.557474][ T6418] Zero length message leads to an empty skb [ 103.346467][ T6413] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.448425][ T6425] loop2: detected capacity change from 0 to 256 [ 103.513674][ T6425] FAT-fs (loop2): Unrecognized mount option "uni_xlate?1" or missing value [ 103.538436][ T6426] loop1: detected capacity change from 0 to 1024 [ 103.563039][ T6413] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.634522][ T6426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.898090][ T6413] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.125791][ T5824] usb 2-1: new low-speed USB device number 3 using dummy_hcd [ 104.140953][ T6413] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.193656][ T6413] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.230327][ T6413] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.281971][ T6413] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.361719][ T5824] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.377554][ T5824] usb 2-1: config 0 has no interfaces? [ 104.397366][ T5824] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.445047][ T5824] usb 2-1: config 0 has no interfaces? [ 104.457297][ T5824] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.495099][ T5824] usb 2-1: config 0 has no interfaces? [ 104.513525][ T5824] usb 2-1: string descriptor 0 read error: -22 [ 104.525565][ T5824] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 104.554884][ T5824] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.576616][ T6437] tipc: Enabled bearer , priority 0 [ 104.586383][ T5824] usb 2-1: config 0 descriptor?? [ 104.657358][ T6437] syzkaller0: entered promiscuous mode [ 104.662944][ T6437] syzkaller0: entered allmulticast mode [ 104.670350][ T6437] tipc: Resetting bearer [ 104.689467][ T6434] tipc: Resetting bearer [ 104.725845][ T6440] loop0: detected capacity change from 0 to 1024 [ 104.782144][ T6440] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.117670][ T6450] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4047: comm syz.1.203: Allocating blocks 497-513 which overlap fs metadata [ 105.119596][ T5761] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.136868][ T6450] EXT4-fs (loop1): pa ffff888076e740e8: logic 128, phys. 385, len 8 [ 105.148982][ T6450] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 105.255813][ T8] usb 2-1: USB disconnect, device number 3 [ 105.575582][ T6467] loop0: detected capacity change from 0 to 256 [ 105.605956][ T6467] FAT-fs (loop0): Unrecognized mount option "uni_xlate?1" or missing value [ 105.748556][ T5772] EXT4-fs error (device loop1): mb_free_blocks:1954: group 0, inode 32: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 105.790050][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.119634][ T6481] loop1: detected capacity change from 0 to 512 [ 108.196399][ T6481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.217629][ T6481] ext4 filesystem being mounted at /43/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 109.054450][ T6434] tipc: Disabling bearer [ 109.496682][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.700686][ T6512] loop3: detected capacity change from 0 to 1024 [ 109.754997][ T6512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.066545][ T1188] usb 4-1: new low-speed USB device number 3 using dummy_hcd [ 110.161176][ T6524] syzkaller0: entered promiscuous mode [ 110.175250][ T6524] syzkaller0: entered allmulticast mode [ 110.276904][ T1188] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 110.306143][ T1188] usb 4-1: config 0 has no interfaces? [ 110.329955][ T1188] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 110.331507][ T6523] tipc: Started in network mode [ 110.342105][ T1188] usb 4-1: config 0 has no interfaces? [ 110.352300][ T1188] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 110.367395][ T6523] tipc: Node identity c643c5535354, cluster identity 4711 [ 110.374686][ T6523] tipc: Enabled bearer , priority 0 [ 110.375676][ T1188] usb 4-1: config 0 has no interfaces? [ 110.422982][ T6529] loop2: detected capacity change from 0 to 512 [ 110.434302][ T1188] usb 4-1: string descriptor 0 read error: -22 [ 110.443518][ T1188] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 110.474880][ T1188] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.486958][ T1188] usb 4-1: config 0 descriptor?? [ 110.487899][ T6529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.500244][ T6523] syzkaller0: entered promiscuous mode [ 110.510147][ T6523] syzkaller0: entered allmulticast mode [ 110.520882][ T6523] tipc: Resetting bearer [ 110.529286][ T6529] ext4 filesystem being mounted at /80/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.592682][ T6521] tipc: Resetting bearer [ 111.108214][ T6512] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4047: comm syz.3.228: Allocating blocks 497-513 which overlap fs metadata [ 111.143957][ T6512] EXT4-fs (loop3): pa ffff888076e1fcb0: logic 128, phys. 385, len 8 [ 111.152302][ T6512] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 1 [ 111.281726][ T5795] usb 4-1: USB disconnect, device number 3 [ 111.714483][ T5759] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.993420][ T5767] EXT4-fs error (device loop3): mb_free_blocks:1954: group 0, inode 29: block 161:freeing already freed block (bit 10); block bitmap corrupt. [ 112.019061][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.931838][ T6521] tipc: Disabling bearer [ 112.947960][ T6547] geneve2: entered promiscuous mode [ 112.954255][ T5917] tipc: Node number set to 2501363027 [ 113.005517][ T6557] syzkaller0: entered promiscuous mode [ 113.028633][ T6557] syzkaller0: entered allmulticast mode [ 114.689622][ T6595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.252'. [ 115.283289][ T6601] loop2: detected capacity change from 0 to 512 [ 115.370878][ T6601] EXT4-fs (loop2): 1 truncate cleaned up [ 115.405230][ T27] audit: type=1326 audit(1769544782.489:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6606 comm="syz.0.258" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc11a79aeb9 code=0x0 [ 115.408841][ T6601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.485101][ T6601] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.256: bg 0: block 465: padding at end of block bitmap is not set [ 115.503064][ T6601] EXT4-fs (loop2): Remounting filesystem read-only [ 115.573129][ T5759] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.930979][ T6621] loop3: detected capacity change from 0 to 1024 [ 116.073759][ T6621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.295270][ T6637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'. [ 118.113992][ T5917] usb 4-1: new low-speed USB device number 4 using dummy_hcd [ 118.307866][ T5917] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.334783][ T5917] usb 4-1: config 0 has no interfaces? [ 118.342688][ T5917] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.363963][ T6652] loop2: detected capacity change from 0 to 1024 [ 118.365230][ T5917] usb 4-1: config 0 has no interfaces? [ 118.376299][ T27] audit: type=1326 audit(1769544785.459:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6651 comm="syz.1.277" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf38d9aeb9 code=0x0 [ 118.399259][ T5917] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.411895][ T5917] usb 4-1: config 0 has no interfaces? [ 118.438186][ T5917] usb 4-1: string descriptor 0 read error: -22 [ 118.439322][ T6652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.453567][ T5917] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 118.465951][ T5917] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.467632][ T6657] geneve2: entered promiscuous mode [ 118.488434][ T5917] usb 4-1: config 0 descriptor?? [ 118.522535][ T6652] ================================================================== [ 118.530647][ T6652] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 118.538404][ T6652] Read of size 18446744073709551588 at addr ffff88805ad78840 by task syz.2.276/6652 [ 118.547786][ T6652] [ 118.550137][ T6652] CPU: 0 PID: 6652 Comm: syz.2.276 Not tainted syzkaller #0 [ 118.557434][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 118.567523][ T6652] Call Trace: [ 118.570821][ T6652] [ 118.573759][ T6652] dump_stack_lvl+0x18c/0x250 [ 118.578459][ T6652] ? read_lock_is_recursive+0x20/0x20 [ 118.583854][ T6652] ? show_regs_print_info+0x20/0x20 [ 118.589066][ T6652] ? load_image+0x400/0x400 [ 118.593585][ T6652] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 118.599057][ T6652] ? __virt_addr_valid+0x18c/0x540 [ 118.604173][ T6652] ? __virt_addr_valid+0x469/0x540 [ 118.609295][ T6652] print_report+0xa8/0x210 [ 118.613741][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 118.619215][ T6652] kasan_report+0x117/0x150 [ 118.623735][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 118.629205][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 118.634658][ T6652] kasan_check_range+0x241/0x290 [ 118.639585][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 118.645032][ T6652] __asan_memmove+0x29/0x70 [ 118.649527][ T6652] ext4_xattr_set_entry+0x94b/0x1e90 [ 118.654810][ T6652] ext4_xattr_block_set+0xae8/0x32b0 [ 118.660084][ T6652] ? ext4_destroy_inode+0x200/0x200 [ 118.665276][ T6652] ? proc_nr_inodes+0x230/0x230 [ 118.670112][ T6652] ? do_raw_spin_unlock+0x121/0x230 [ 118.675300][ T6652] ? _raw_spin_unlock+0x28/0x40 [ 118.680142][ T6652] ? ext4_xattr_block_find+0x350/0x350 [ 118.685591][ T6652] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 118.690950][ T6652] ext4_xattr_set_handle+0xe2e/0x14c0 [ 118.696331][ T6652] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 118.702373][ T6652] ? __ext4_journal_start_sb+0x259/0x560 [ 118.708013][ T6652] ext4_xattr_set+0x252/0x340 [ 118.712680][ T6652] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 118.718215][ T6652] ? evm_protected_xattr_common+0x170/0x190 [ 118.724102][ T6652] ? ext4_xattr_security_get+0x40/0x40 [ 118.729552][ T6652] __vfs_setxattr+0x431/0x470 [ 118.734228][ T6652] __vfs_setxattr_noperm+0x12d/0x5e0 [ 118.739505][ T6652] vfs_setxattr+0x16b/0x2f0 [ 118.743998][ T6652] ? xattr_permission+0x470/0x470 [ 118.749008][ T6652] ? __mnt_want_write+0x223/0x2a0 [ 118.754020][ T6652] ? path_setxattr+0x3a1/0x5d0 [ 118.758770][ T6652] path_setxattr+0x3f3/0x5d0 [ 118.763352][ T6652] ? simple_xattrs_free+0x150/0x150 [ 118.768545][ T6652] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 118.774513][ T6652] ? lock_chain_count+0x20/0x20 [ 118.779355][ T6652] __x64_sys_setxattr+0xbb/0xd0 [ 118.784198][ T6652] do_syscall_64+0x55/0xa0 [ 118.788604][ T6652] ? clear_bhb_loop+0x40/0x90 [ 118.793268][ T6652] ? clear_bhb_loop+0x40/0x90 [ 118.797927][ T6652] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.803805][ T6652] RIP: 0033:0x7fd8f919aeb9 [ 118.808214][ T6652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 118.827809][ T6652] RSP: 002b:00007fd8fa128028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 118.836207][ T6652] RAX: ffffffffffffffda RBX: 00007fd8f9415fa0 RCX: 00007fd8f919aeb9 [ 118.844162][ T6652] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 118.852116][ T6652] RBP: 00007fd8f9208c1f R08: 0000000000000000 R09: 0000000000000000 [ 118.860078][ T6652] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 118.868032][ T6652] R13: 00007fd8f9416038 R14: 00007fd8f9415fa0 R15: 00007ffe39060c38 [ 118.875993][ T6652] [ 118.879004][ T6652] [ 118.881312][ T6652] Allocated by task 6652: [ 118.885620][ T6652] kasan_set_track+0x4e/0x70 [ 118.890198][ T6652] __kasan_kmalloc+0x8f/0xa0 [ 118.894770][ T6652] __kmalloc_node_track_caller+0xb2/0x230 [ 118.900562][ T6652] kmemdup+0x2b/0x70 [ 118.904446][ T6652] ext4_xattr_block_set+0x9ea/0x32b0 [ 118.909723][ T6652] ext4_xattr_set_handle+0xe2e/0x14c0 [ 118.915079][ T6652] ext4_xattr_set+0x252/0x340 [ 118.919740][ T6652] __vfs_setxattr+0x431/0x470 [ 118.924403][ T6652] __vfs_setxattr_noperm+0x12d/0x5e0 [ 118.929675][ T6652] vfs_setxattr+0x16b/0x2f0 [ 118.934164][ T6652] path_setxattr+0x3f3/0x5d0 [ 118.938744][ T6652] __x64_sys_setxattr+0xbb/0xd0 [ 118.943577][ T6652] do_syscall_64+0x55/0xa0 [ 118.947976][ T6652] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 118.953856][ T6652] [ 118.956161][ T6652] The buggy address belongs to the object at ffff88805ad78800 [ 118.956161][ T6652] which belongs to the cache kmalloc-1k of size 1024 [ 118.970194][ T6652] The buggy address is located 64 bytes inside of [ 118.970194][ T6652] 1024-byte region [ffff88805ad78800, ffff88805ad78c00) [ 118.983453][ T6652] [ 118.985760][ T6652] The buggy address belongs to the physical page: [ 118.992158][ T6652] page:ffffea00016b5e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5ad78 [ 119.002287][ T6652] head:ffffea00016b5e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 119.011199][ T6652] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 119.019164][ T6652] page_type: 0xffffffff() [ 119.023476][ T6652] raw: 00fff00000000840 ffff888017c41dc0 ffffea00009b0800 dead000000000002 [ 119.032042][ T6652] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 119.040602][ T6652] page dumped because: kasan: bad access detected [ 119.046997][ T6652] page_owner tracks the page as allocated [ 119.052695][ T6652] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6064, tgid 6064 (kworker/u4:8), ts 95897884536, free_ts 95683813551 [ 119.073339][ T6652] post_alloc_hook+0x1c1/0x200 [ 119.078107][ T6652] get_page_from_freelist+0x1951/0x19e0 [ 119.083633][ T6652] __alloc_pages+0x1f0/0x460 [ 119.088211][ T6652] alloc_slab_page+0x5d/0x160 [ 119.092869][ T6652] new_slab+0x87/0x2d0 [ 119.096924][ T6652] ___slab_alloc+0xc5d/0x12f0 [ 119.101586][ T6652] __kmem_cache_alloc_node+0x19e/0x250 [ 119.107029][ T6652] __kmalloc+0xa4/0x230 [ 119.111171][ T6652] ieee802_11_parse_elems_full+0xb9/0x20c0 [ 119.116963][ T6652] ieee80211_ibss_rx_queued_mgmt+0x4b5/0x2c80 [ 119.123019][ T6652] ieee80211_iface_work+0x717/0xc70 [ 119.128205][ T6652] cfg80211_wiphy_work+0x225/0x260 [ 119.133306][ T6652] process_scheduled_works+0xa5d/0x15d0 [ 119.138839][ T6652] worker_thread+0xa55/0xfc0 [ 119.143411][ T6652] kthread+0x2fa/0x390 [ 119.147463][ T6652] ret_from_fork+0x48/0x80 [ 119.151862][ T6652] page last free stack trace: [ 119.156515][ T6652] free_unref_page_prepare+0x7b2/0x8c0 [ 119.161970][ T6652] free_unref_page+0x32/0x2e0 [ 119.166632][ T6652] __unfreeze_partials+0x1cf/0x210 [ 119.171724][ T6652] put_cpu_partial+0x17c/0x250 [ 119.176468][ T6652] __slab_free+0x319/0x400 [ 119.180866][ T6652] qlist_free_all+0x75/0xd0 [ 119.185354][ T6652] kasan_quarantine_reduce+0x143/0x160 [ 119.190799][ T6652] __kasan_slab_alloc+0x22/0x80 [ 119.195635][ T6652] slab_post_alloc_hook+0x6e/0x4b0 [ 119.200733][ T6652] __kmem_cache_alloc_node+0x13a/0x250 [ 119.206178][ T6652] kmalloc_node_trace+0x26/0xe0 [ 119.211012][ T6652] __get_vm_area_node+0x125/0x370 [ 119.216019][ T6652] __vmalloc_node_range+0x36e/0x1330 [ 119.221289][ T6652] vzalloc+0x79/0x90 [ 119.225168][ T6652] alloc_counters+0xca/0x6e0 [ 119.229742][ T6652] do_ip6t_get_ctl+0xaca/0x1210 [ 119.234577][ T6652] [ 119.236882][ T6652] Memory state around the buggy address: [ 119.242490][ T6652] ffff88805ad78700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 119.250531][ T6652] ffff88805ad78780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 119.258574][ T6652] >ffff88805ad78800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 119.266611][ T6652] ^ [ 119.272742][ T6652] ffff88805ad78880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 119.280786][ T6652] ffff88805ad78900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 119.288825][ T6652] ================================================================== [ 119.323591][ T6652] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 119.330825][ T6652] CPU: 1 PID: 6652 Comm: syz.2.276 Not tainted syzkaller #0 [ 119.338115][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 119.348178][ T6652] Call Trace: [ 119.351460][ T6652] [ 119.354396][ T6652] dump_stack_lvl+0x18c/0x250 [ 119.359089][ T6652] ? show_regs_print_info+0x20/0x20 [ 119.364300][ T6652] ? load_image+0x400/0x400 [ 119.368818][ T6652] panic+0x2dc/0x730 [ 119.372730][ T6652] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 119.378897][ T6652] ? bpf_jit_dump+0xd0/0xd0 [ 119.383415][ T6652] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 119.389409][ T6652] ? _raw_spin_unlock+0x40/0x40 [ 119.392076][ T1188] usb 4-1: USB disconnect, device number 4 [ 119.400064][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 119.405545][ T6652] check_panic_on_warn+0x84/0xa0 [ 119.410491][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 119.415960][ T6652] end_report+0x6f/0x130 [ 119.420212][ T6652] kasan_report+0x128/0x150 [ 119.424724][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 119.430191][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 119.435667][ T6652] kasan_check_range+0x241/0x290 [ 119.440594][ T6652] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 119.446043][ T6652] __asan_memmove+0x29/0x70 [ 119.450532][ T6652] ext4_xattr_set_entry+0x94b/0x1e90 [ 119.455813][ T6652] ext4_xattr_block_set+0xae8/0x32b0 [ 119.461083][ T6652] ? ext4_destroy_inode+0x200/0x200 [ 119.466269][ T6652] ? proc_nr_inodes+0x230/0x230 [ 119.471103][ T6652] ? do_raw_spin_unlock+0x121/0x230 [ 119.476288][ T6652] ? _raw_spin_unlock+0x28/0x40 [ 119.481121][ T6652] ? ext4_xattr_block_find+0x350/0x350 [ 119.486567][ T6652] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 119.491930][ T6652] ext4_xattr_set_handle+0xe2e/0x14c0 [ 119.497295][ T6652] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 119.503267][ T6652] ? __ext4_journal_start_sb+0x259/0x560 [ 119.508887][ T6652] ext4_xattr_set+0x252/0x340 [ 119.513551][ T6652] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 119.519082][ T6652] ? evm_protected_xattr_common+0x170/0x190 [ 119.524965][ T6652] ? ext4_xattr_security_get+0x40/0x40 [ 119.530407][ T6652] __vfs_setxattr+0x431/0x470 [ 119.535075][ T6652] __vfs_setxattr_noperm+0x12d/0x5e0 [ 119.540347][ T6652] vfs_setxattr+0x16b/0x2f0 [ 119.544843][ T6652] ? xattr_permission+0x470/0x470 [ 119.549863][ T6652] ? __mnt_want_write+0x223/0x2a0 [ 119.554881][ T6652] ? path_setxattr+0x3a1/0x5d0 [ 119.559634][ T6652] path_setxattr+0x3f3/0x5d0 [ 119.564216][ T6652] ? simple_xattrs_free+0x150/0x150 [ 119.569414][ T6652] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 119.575380][ T6652] ? lock_chain_count+0x20/0x20 [ 119.580216][ T6652] __x64_sys_setxattr+0xbb/0xd0 [ 119.585053][ T6652] do_syscall_64+0x55/0xa0 [ 119.589456][ T6652] ? clear_bhb_loop+0x40/0x90 [ 119.594115][ T6652] ? clear_bhb_loop+0x40/0x90 [ 119.598774][ T6652] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 119.604654][ T6652] RIP: 0033:0x7fd8f919aeb9 [ 119.609055][ T6652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.628644][ T6652] RSP: 002b:00007fd8fa128028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 119.637046][ T6652] RAX: ffffffffffffffda RBX: 00007fd8f9415fa0 RCX: 00007fd8f919aeb9 [ 119.645007][ T6652] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 119.652964][ T6652] RBP: 00007fd8f9208c1f R08: 0000000000000000 R09: 0000000000000000 [ 119.660919][ T6652] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 119.668873][ T6652] R13: 00007fd8f9416038 R14: 00007fd8f9415fa0 R15: 00007ffe39060c38 [ 119.676836][ T6652] [ 119.680162][ T6652] Kernel Offset: disabled [ 119.684470][ T6652] Rebooting in 86400 seconds..